﻿using Identity_JWT.Dao.Model;
using Identity_JWT.Data;
using Identity_JWT.IdentityPolicy;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using System.Runtime.CompilerServices;

namespace Identity_JWT
{
    public  static class RegisterIdentity
    {
       
        public static WebApplicationBuilder AddIdentity(this WebApplicationBuilder builder) 
        {
            var services = builder.Services;


            builder.Services.AddDefaultIdentity<User>(options => options.SignIn.RequireConfirmedAccount = true)
              .AddEntityFrameworkStores<ApplicationDbContext>();

            services.Configure<CookiePolicyOptions>(options =>
            {               
                options.CheckConsentNeeded = context => true; //true时： 则不会将非必要的 cookie 发送到浏览器。
                options.MinimumSameSitePolicy = SameSiteMode.None; //跨源身份验证
            });
          
            services.Configure<IdentityOptions>(options =>
            {
                // Password settings.
                options.Password.RequireDigit = true;  //必须有数字
                options.Password.RequireLowercase = false;  //至少有一个小写字母
                options.Password.RequireNonAlphanumeric = false;  //至少有一个除字母和数字以外的字符
                options.Password.RequireUppercase = false;  //大写
                options.Password.RequiredLength = 6;
                options.Password.RequiredUniqueChars = 1;

                // Lockout settings.
                options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
                options.Lockout.MaxFailedAccessAttempts = 5;
                options.Lockout.AllowedForNewUsers = true;

                //重置密码用这种配置验证码短少，不配置验证码长
                options.Tokens.PasswordResetTokenProvider = TokenOptions.DefaultEmailProvider;
                options.Tokens.EmailConfirmationTokenProvider = TokenOptions.DefaultEmailProvider;

                // User settings.
                options.User.AllowedUserNameCharacters =
                "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+";  //用户名只能在该字符中组合
                options.User.RequireUniqueEmail = false;  //邮箱是否必须是唯一的
            });

            services.ConfigureApplicationCookie(options =>
            {
                // Cookie settings
                options.Cookie.Name = "asp.netCore.Identity";
                options.Cookie.HttpOnly = true;  
                options.ExpireTimeSpan = TimeSpan.FromMinutes(5);  //超时时间
                options.LoginPath = "/Identity/Account/Login"; 
                options.AccessDeniedPath = "/Identity/Account/AccessDenied"; //拒绝访问路径
                options.SlidingExpiration = true;  //设置滑动过期
            }); 

            //services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Latest);
            //添加自定义的密码验证
            builder.Services.AddTransient<IPasswordValidator<User>, CustomPasswordPolicy>();
            builder.Services.AddTransient<IUserValidator<User>, CustomUserPolicy>();
            return builder;
        }
    }
}
